Expoint - all jobs in one place

The place where the best experts and companies meet

Microsoft Senior Security Researcher 
United States 
477547543

09.07.2024

Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world.

The Microsoft Security AI (Artificial Intelligence) Research team is responsible for defending Microsoft and our customers through applied AI innovation. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. Defending Microsoft’s complex environment provides a unique opportunity to build and evaluate autonomous defense through emerging generative AI capabilities. Microsoft understands and learns from its own defensive expertise, including via teams like Microsoft Threat Intelligence Center (MSTIC), and has the opportunity to build a unique knowledge graph describing the relationship between risk, investigation, and response. This training data set, built over Microsoft’s complex digital estate, is a foundational component for improving language models, training and driving agentic frameworks, and replicating level investigation and response.

We are looking to hire a Senior Security Researcher to join our team.

Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.

Required Qualifications

  • 5+ years experience in software development lifecycle, large-scale computing, modeling, cybersecurity, and/or anomaly detection
    • OR Master's Degree in Statistics, Mathematics, Computer Science or related field.
  • 4+ years designing and building knowledge graph structures, implementing graph algorithms, and writing graph queries (e.g., Neo4j Cypher, KQL Graph Semantics, Gremlin, GraphFrames DSL) to explore attack paths and adversary behavior, as well as for development and security research.
  • 4+ years of computer security industry experience with knowledge of adversary tradecraft and of emerging threats and techniques for attacks against cloud (e.g., Azure, AWS, GCP) and on-prem network environments.
  • 4+ years analyzing and dissecting adversary tradecraft from both offensive and defensive perspectives, including identifying techniques, tactics, and procedures (TTPs) and developing countermeasures and mitigations.
  • 4+ years coding with languages such as C#, Python and PowerShell and working with Azure Functions, Azure Static Web Sites, Azure Containers, Docker containers, Azure DevOps pipelines, Github actions, Github Codespaces, Visual Studio Code, and Jupyter Notebooks.


Other Requirements

Ability to meet Microsoft, customer and/or government security screening requirements is required for this role. These requirements include, but are not limited to, the following specialized security screenings:

  • Microsoft Cloud Background Check: This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter.


Preferred Qualifications

  • Understanding of ontologies and their role in defining the schema for knowledge graphs.
  • Experience in research areas such as generative AI/agentic frameworks, large language models, risk quantification, anomaly detection, clustering, statistics, time series analysis or reinforcement learning.
  • Written and verbal communication skills, ability to simplify and explain complex ideas.

Security Research IC4 - The typical base pay range for this role across the U.S. is USD $117,200 - $229,200 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $153,600 - $250,200 per year. Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here:

Microsoft will accept applications for the role until Aug 23, 2024.

#MSFTSecurity #MSECAIR #CyberSecurity #InfoSecCommunity #SecurityResearch #LLM #AI #KnowledgeGraph #AIAgents #GenAI #MSecADAPT

Responsibilities
  • Develop and build a comprehensive knowledge graph to support the development of our security platform and agentic workflows.
  • Support the generation of incident data either synthetically, using our own ontology, or by designing and running end-to-end attack simulations, contributing to our overall autonomy efforts and the development of security language models.
  • Partner with applied researchers to enable the development of autonomous agents to defend and protect Microsoft.
  • Conduct data studies to gain a deep understanding of data produced by our technology and third-party services used by our customers, enhancing our ability to analyze and respond to security incidents.
  • Cultivate global collaborations with security researchers to exchange knowledge, stay updated on emerging threats, and build partnerships with offensive security researchers to enhance our defensive capabilities and embrace cutting-edge offensive security research.
  • Share knowledge with the community through engaging presentations, blog posts, papers, and active participation on social media channels, contributing to the broader information security ecosystem.
  • Develop open-source tools for the community, enabling access to our research and best practices, fostering knowledge sharing, and empowering others to conduct their own experiments and learn from our threat research methodology.

Other

  • Embody our and